Last Updated on July 24, 2021 by InfraExam

EC0-350 : ECCouncil Certified Ethical Hacker v8 : Part 03

  1. At a Windows Server command prompt, which command could be used to list the running services?

    • Sc query type= running
    • Sc query \\servername
    • Sc query
    • Sc config
  2. Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

    • Cross-site scripting
    • SQL injection
    • Missing patches
    • CRLF injection
  3. While conducting a penetration test, the tester determines that there is a firewall between the tester’s machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?

    • Packet filtering firewall
    • Application-level firewall
    • Circuit-level gateway firewall
    • Stateful multilayer inspection firewall
  4. A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:

    Untrust (Internet) – (Remote network =
    DMZ (DMZ) – (
    Trust (Intranet) – (

    The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?

    • Permit RDP 3389
    • Permit RDP 3389
    • Permit RDP 3389
    • Permit RDP 3389
  5. A circuit level gateway works at which of the following layers of the OSI Model?

    • Layer 5 – Application
    • Layer 4 – TCP
    • Layer 3 – Internet protocol
    • Layer 2 – Data link
  6. Which of the following is a symmetric cryptographic standard?

    • DSA
    • PKI
    • RSA
    • 3DES
  7. A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

    Which cryptography attack is the student attempting?

    • Man-in-the-middle attack
    • Brute-force attack
    • Dictionary attack
    • Session hijacking
  8. Which property ensures that a hash function will not produce the same hashed value for two different messages?

    • Collision resistance
    • Bit length
    • Key strength
    • Entropy
  9. How can telnet be used to fingerprint a web server?

    • telnet webserverAddress 80
      HEAD / HTTP/1.0
    • telnet webserverAddress 80
      PUT / HTTP/1.0
    • telnet webserverAddress 80
      HEAD / HTTP/2.0
    • telnet webserverAddress 80
      PUT / HTTP/2.0
  10. Low humidity in a data center can cause which of the following problems?

    • Heat
    • Corrosion
    • Static electricity
    • Airborne contamination
  11. A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company`s building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows the employee behind to get into the restricted area. Which type of attack did the consultant perform?

    • Man trap
    • Tailgating
    • Shoulder surfing
    • Social engineering
  12. When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s computer to update the router configuration. What type of an alert is this?

    • False positive
    • False negative
    • True positve
    • True negative
  13. While performing data validation of web content, a security technician is required to restrict malicious input. Which of the following processes is an efficient way of restricting malicious input?

    • Validate web content input for query strings.
    • Validate web content input with scanning tools.
    • Validate web content input for type, length, and range.
    • Validate web content input for extraneous queries.
  14. A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?

    • Forensic attack
    • ARP spoofing attack
    • Social engineering attack
    • Scanning attack
  15. Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?

    • Metasploit scripting engine
    • Nessus scripting engine
    • NMAP scripting engine
    • SAINT scripting engine
  16. Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?

    • Microsoft Security Baseline Analyzer
    • Retina
    • Core Impact
    • Microsoft Baseline Security Analyzer
  17. A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?

    • Firewall-management policy
    • Acceptable-use policy
    • Remote-access policy
    • Permissive policy
  18. When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?

    • A bottom-up approach
    • A top-down approach
    • A senior creation approach
    • An IT assurance approach
  19. Which of the following processes evaluates the adherence of an organization to its stated security policy?

    • Vulnerability assessment
    • Penetration testing
    • Risk assessment
    • Security auditing
  20. A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?

    • The consultant will ask for money on the bid because of great work.
    • The consultant may expose vulnerabilities of other companies.
    • The company accepting bids will want the same type of format of testing.
    • The company accepting bids will hire the consultant because of the great work performed.